(If you had SSH access to a host in your Tailscale ACL, you could log in as `-i` and get a root login.)
There's Paramiko, but Python is still a huge liability in memory-constrained systems.
I also run self-hosted Wireguard. Initially on a Debian box, nowadays it is integrated into my router (admittedly, this is closed source). For around 6 years at this point.
The whole thing could not be easier and simpler. It has never randomly broken on me. It is fast. It is free. There is no middle man, no vendor.
I never understood the popularity of Tailscale, though that is on me. I'm sure it is a great product, I just never tried it, do not seem the target audience.
What confuses me is the often accompanying, sometimes aggressive anti-selfhosting stance in these sorts of threads. I do not see this in other topics, e.g. someone mentioning they run Jellyfin isn't met with "why not Plex?". Where does that come from? We are on HackerNews, not ProductShillNews, aren't we? I guess self hosting Wireguard is too boring to warrant any further discussion? The VPN equivalent of a Toyota Corolla.
it seems anthropic also use tailscale or it's just being discovered by the mythos model?
As single tailnet+single user, perhaps it's just okay
Really? That's the fix?
A proper fix is to use "--" to separate arguments.
A better fix is to call “getent passwd” with no user controlled arguments and then parse the resulting list. This gets rid of the input sanitization problem entirely.
Your answer is mostly correct, except that when you tug on that thread the shelf comes off the wall, the plaster comes with it, and then it cracks the water pipes on the way to the floor.
Refactoring external invocations to use safe argument handling is a better way to fix it. Along with tests that exercise weird names.
The username policy fixes this issue for good, regardless of whatever you write in the future, or whatever new mechanism is introduced.
It’s a restriction for sure, but it’s not a nonsense restriction? Who would have a username starting with a hyphen? I didn’t even know it was possible until today.
The better fix would be to not have the username pass through a parser looking for cli flags in the first place.
If their scope grows, and they run so much as root, it won't be their last.